Strong Security for Distributed File Systems

Size: px
Start display at page:

Download "Strong Security for Distributed File Systems"

Transcription

1 Strong Security for Distributed File Systems Ethan Miller Darrell Long William Freeman Benjamin Reed University of California, Santa CruzTRW IBM Research Abstract We have developed a scheme to secure networkattached storage systems against many types of attacks. Our system uses strong cryptography to hide data from unauthorized users; someone gaining complete access to a disk cannot obtain any useful data from the system, and backups can be done without allowing the superuser access to unencrypted data. While denial-of-service attacks cannot be prevented, our system detects forged data. The system was developed using a raw disk, and can be integrated into common file systems. We discuss the design and security tradeoffs such a distributed file system makes. Our design guards against both remote intruders and those who gain physical access to the disk, using just enough security to thwart both types of attacks. This security can be achieved with little penalty to performance. We discuss the security operations that are necessary for each type of operation, and show that there is no longer any reason not to include strong encryption and authentication in network file systems. 1. Introduction Computer storage is an increasingly important part of the Internet, and ensuring the security and integrity of stored data is a crucial problem. Attacks by intruders and insiders have led to billions of dollars in lost revenue and expended effort to fix the problems. Most organizations rely heavily on their distributed computing environment, which usually consists of workstations and a shared file system. This file system is often stored on a centralized file server that is managed by a system administrator who has access to the whole file system, leaving the data vulnerable to anyone who can prove (legitimately or otherwise) that he is the administrator. Recently, however, network-attached disks have begun to replace traditional centralized storage systems [7]. In such systems, disks are attached directly to a network, and rely upon their own security rather than using the server s protection. This arrangement makes security more difficult because the disk is directly exposed to potential attacks instead of being hidden behind a single server that can be hardened. We have developed a security system for networkattached storage that relies upon strong cryptography to protect data stored in a distributed file system. Our system stores and transfers all data encrypted, only decrypting it at a client workstation. The drives themselves lack sufficient information to decrypt the data they hold or to undetectably forge new data, so physically stealing the media will not enable an attacker to gain access to the data or to plant false data. Similarly, an administrator backing up the file system only has access to encrypted copies of the files; the authorized users of a particular file are the only ones with access to its unencrypted contents. Despite this level of security, our system imposes little overhead on the file system. The disks need only perform secure hashes, with encryption and decryption done at the client. This arrangement allows the system to be built using inexpensive embedded processors for the disks, leaving the computationally intensive task of encryption and decryption to the relatively faster clients. We begin by summarizing previous work in securing file systems, discussing the strengths and weaknesses of each system. We then describe Secure Network-Attached Disks (SNAD), our system for protecting data on network-attached disks. We then present three alternate security schemes, each appropriate for different levels of client and server CPU performance. Finally, we conclude with a description of our plans for integrating strong security into modern distributed file systems. 2. Related Work Many systems have been designed to address the security problems of modern distributed file systems. However, these systems have suffered either from weak security, poor performance, or both. It is only recently that CPU performance has advanced to the point where strong cryptography can be done quickly with inexpensive processors. This allows its use on low-cost proces /01/$ IEEE 34

2 sors that can be associated with each disk in a distributed file system [7]. Most file systems include some measure of security. However, systems such as NFS [13] and xfs [1] pass most of their data in the clear, generally relying on relatively insecure networks and trusted hosts for data protection. Other systems, such as AFS [9] and NASD (Network Attached Secure Disk) [7] use third-party authentication such as Kerberos [11] to provide security. These systems provide stronger security by requiring users to obtain tickets from a third party. These systems are considerably stronger than those that rely upon simple authentication, but they still store files in the clear. SCARED [12] and the network-attached disks described by Gobioff [8] also use cryptographic techniques to authenticate users of remote network storage. The SCARED design supports the use of end-to-end encryption of data in the network, but does not encrypt data on the disk itself. Similarly, Gobioff leaves encryption of stored data to the application level of the software. We use similar mechanisms in our design, but with the added safety of encryption in the file system itself, guaranteeing that data on disk cannot be read by an intruder who gains access to the disk. The Secure File System (SFS) [6] provides strong authentication and a secure channel for communications, including an extensive authentication mechanism for individual users and strong security for data in transit between clients and servers. However, it still relies upon trusted file servers that do not alter data stored on them and may allow an intruder to recover data by physically compromising the server. Though many file systems use authentication, few file systems actually protect data disk. Many users have implemented their own secure file system by simply encrypting their files using standard encryption software. While this can provide security and integrity guarantees, it is an ad hoc mechanism, and does not deal with issues such as sharing files between users. The Cryptographic File System (CFS) developed at AT&T Bell Laboratories [2,3] encrypts all data and potentially sensitive metadata stored on disk. A user who supplied the correct password could read files in the directory. However, CFS also required that the server be trusted to actually store (and eventually return) the bits that were originally sent to it. In the Internet era, there is no guarantee that a server will do this, so there must be a mechanism to ensure that the server has not maliciously altered the data. In addition, CFS does not discuss mechanisms for distributing s among users for sharing files. 3. System Design The goal of our system is to address the security shortcomings of previous file systems while preserving the flexibility and performance of standard distributed file systems. We propose three security alternatives for network-attached storage; these schemes vary the CPU time required at both the client and the server, with more security requiring more CPU cycles. The first scheme places the highest demand on both the client and the server, but provides the strongest security. The second scheme removes the need for the server to check signatures (a computationally expensive task), but requires the clients to both generate and check signatures. The third scheme eliminates signature check and verification completely, at the expense of a slight loss in security. Given current (and near future) CPU speeds, we believe that the third scheme will be the best for current file systems, but the first two schemes will become more attractive as CPU speeds increase Design Goals Our security schemes provide several important features for a secure file system. The first feature is end-to-end encryption of all file system data and metadata, including storage on disk. This is necessary to restrict access to cleartext to only authorized users while still allowing administrators and backup systems to do their jobs. The disk must not contain sufficient information to decrypt the data stored on it. Rather, files should only exist in cleartext on the client. Ensuring data integrity is a second goal. A user reading data from the server must be sure that the files received are those he originally stored; data modified at the disk or introduced into the system by an malicious intruder must be detectable. Storing a non-linear checksum of the cleartext in a block along with the ciphertext allows any authorized user to detect a change made to the encrypted block by an intruder. Flexibility is a third feature that is desirable in a secure file system. While it would certainly be possible to simply encrypt each file with a user s password, this approach is impractical because it makes file sharing difficult. Instead, a file system should have sharing at least as powerful as that in standard Unix, and preferably as flexible as the access control lists provided by AFS [9]. High performance and scalability is the fourth feature desirable for a secure distributed file system. Though it may be possible to build a secure file system, 35

3 no one will use it if the file system is too slow. If encryption and decryption are performed at the client, encryption throughput will limit a single client s bandwidth. Minimizing the effort required by the networkattached disk s CPU allows a distributed file system to be used by hundreds of clients, each of which can decrypt the data intended for itself Basic Mechanisms The basic mechanism behind SNAD is to encrypt all data at the client and give the server sufficient information to authenticate the writer and the reader sufficient information to verify the end-to-end integrity of the data. SNAD relies upon several standard cryptographic tools. The client uses a standard algorithm such as RC5 [14] or Blowfish [14] to encrypt the data, ensuring that the data is unreadable by anyone until it is decrypted by the client that reads it. Public- cryptography is used to allow disks to store information that can be used to decrypt their files; because public- encryption is asymmetric, however, only a user with the appropriate private can use this information. SNAD also makes extensive use of cryptographic hashes and ed hashes. Cryptographic hashes such as MD5 and SHA-1 [14] use a one-way function to compute a large number (128 or 160 bits) from a block of data. Any modification in the input data will cause the resulting hash value to change. It is currently believed NP-hard to find two input texts that result in the same hash value. Keyed hashes such as HMAC (hashed message authentication code) [10] use a cryptographic hash in conjunction with a shared secret to check integrity and authenticate a writer. If the sender and receiver share a, the can be included in the cryptographic hash, preventing anyone who intercepts the data from undetectably modifying it unless they know the shared SNAD Structures All of the SNAD security schemes use four basic structures: data s, file s, s, and certificate s. While these s are all shown as contiguous blocks of data, there is no requirement that they be stored contiguously on disk. In particular, data s may be broken apart, storing the data itself in a normal file system and the remainder of the data in a special structure (analogous to i-nodes and index blocks in Unix) if desired Secure Objects. A secure data (SDO) is the minimum unit of data that can be read or written in the secure file system, and corresponds to a file block in a standard file system. Files are composed of one or more secure data s; a sample secure data is shown in Figure 1. Block security information Block ID User IDs Initialization vector Figure 1. Secure data. The block security information is different for each of the three schemes discussed in Section 3.4, but is on the order of 32 bytes long. The block ID uniquely identifies each block in the file system, and consists of a file ID and block offset within the file. The first user ID in the list is the creator of the SDO and is used by the SNAD server to determine which to use to check the security of the block. The initialization vector (IV) is used to prevent identical data blocks encrypted with the same from encrypting to the same ciphertext. Using a unique value such as the block ID concatenated with the file ID will guarantee that blocks with identical content encrypt to different ciphertexts. The timestamp is used simply to prevent replay attacks; it need not be an actual timer, but instead could simply be a counter incremented at each client. The data stored in the data is encrypted using a symmetric encryption algorithm such as RC5. The used to encrypt the data is obtained from the associated with the file, If each data is large, files will waste relatively large amounts of space because of internal fragmentation. However, minimizing cryptographic overhead, both storage and operational, requires that data s not be too small. Like file blocks, secure data s could be variably sized within a single file system File Objects. File s are composed of one or more data s along with per-file metadata. In addition to the usual file metadata such as block pointers, file size, and timestamps, a file contains a pointer to a. This pointer is used to find the 36

4 s that may be used to access the file. Except for the pointer to the and perhaps pointers to the extra information for secure data s, the structures for file s are identical to those for standard files Key Objects. Each, as shown in Figure 2, contains several types of information. The file ID is just the unique identifier for the block on the system. The user ID in the header of the is that of the last user to modify the. When a user writes the, he hashes the entire and signs the hash with his private, storing the result in the signature field. Anyone using the verifies the integrity of the by performing the same hash and verifying the provided signature. This mechanism prevents anyone with low-level access to the disk from undetectably modifying a a client using the can check to ensure that the signature on a belongs to someone authorized to change the. Because someone who modifies a must sign it, there is a way of tracing illegitimate modifications to a particular user. Key file ID User ID Signature User ID Encrypted Permissions User ID Encrypted Permissions... User ID Encrypted Permissions Figure 2. Key. Each tuple in the body of the includes a user ID, encrypted, and permissions for that user. The user ID need not correspond to a single user; it could, instead, be an equivalent to a Unix group and correspond to several users with shared access to a single private. The second field in the tuple contains the for the symmetric RC5 algorithm. Rather than storing this in the clear, the stores the encrypted with the user s public. The disk cannot decrypt any unless it obtains a user s private, but the only way to get a user s private is to steal it from a client or the user himself because s are kept on the client and never sent to the disk. The permissions field is used by the disk to determine whether the user is allowed to write the. A may be used for more than one file. If this is done, all files that use the are encrypted with the same symmetric encryption and are readable by the same set of users. In this way, a corresponds to a Unix group Certificate Objects. Each server contains a single certificate, shown in Figure 3, which contains administrative and cryptographic information about each SNAD user. The disk uses the information in the certificate to authenticate users and do basic storage management. User ID User ID User ID Public Public Public HMAC HMAC... HMAC Figure 3. Certificate. The certificate contains a list of tuples, each of which includes a user ID, public, HMAC (for Schemes 2 and 3), and timestamp. The user ID identifies the user or group to which the remainder of the tuple pertains. The public is stored on the disk for two reasons: as a convenience so that the disk and those using it need not consult a centralized server, and for writer authentication in Scheme 1 as described in Section The HMAC is used in the second and third schemes to verify the identity of the user writing data, and is stored encrypted, with the decryption for the HMAC s held in non-volatile memory on the disk. Storing the HMAC s encrypted allows them to be backed up without compromising them. When the certificate is loaded into memory on disk startup, the HMAC s are decrypted and cached in volatile memory. The timestamp field is updated each time a user writes a file, and is used to prevent replay attacks. A centralized clock is not necessary unless requests for a particular user ID may come from several clients at about the same time. The sole purpose of the timestamp is to prevent replay attacks; clocks may be synchronized using any number of common approaches, or replay attacks may be thwarted as described in Schneier [14] Overall Structure Organization. The relationship between the s described above is shown in Figure 4. The diagram shows multiple file s using a single ; this corresponds to a situation where two files have the same access controls. It is likely that there will be relatively few s on a disk, just as there are relatively few unique groups in a standard Unix file system. 37

5 Certificate File Key File Figure 4. Relationships between s in a Secure Network-Attached Disk. All of the s shown in Figure 4 require relatively little overhead. Each data requires bytes of overhead, depending on which security scheme is being used. Even for 100 bytes of overhead, using 8 KB blocks requires just 1.2% overhead for cryptographic metadata. File s require little overhead just a pointer to a. Key s are also small: a requires 72 bytes for the header and 72 bytes for each user. If each of 10,000 users is part of 200 different groups, there will need to be 144 MB of s, or 0.7% of a 20 GB disk. The certificate requires less than 100 bytes per user, adding just 1 MB to the total. Thus, all of the security information for SNAD requires less than 2% overhead for a 20 GB disk SNAD Security Schemes Key File Our goal for SNAD was to provide authenticated, encrypted storage. Encryption and decryption in SNAD is done at the client. Though the time to do this cannot easily be reduced, symmetric algorithms are relatively fast. There are several different methods for authentication, however, varying in security and speed. The most secure authentication mechanism is for users to sign the checksum of every block they write using public- encryption, and for the disk to authenticate every block before writing it. If the checksum is cryptographically strong (i.e., finding two blocks with the same hash requires random guessing), this mechanism is very secure, and allows the system to track the last writer for each block. Unfortunately, signature generation and checking are slow operations, so this method, which we call Scheme 1, is relatively slow and requires fast CPUs on the disk as well as the client. Scheme 2 reduces the load on the disk s CPU by replacing the signature check at the server with a message authentication code (MAC) check. The client still generates a signature and checks it upon reading a block, but the disk need not perform such an expensive check, improving overall performance. Scheme 3 further improves performance by dispensing with signatures altogether. Instead, it uses combinations of cryptographic hashes to ensure data integrity throughout the system. This scheme is considerably faster because it requires no signature generation or checking; however, it is not possible to verify who last wrote a file. Reading and writing data in each of the three schemes follow similar paths. First, the user must give his private to the client, which is assumed to be trusted by the user. This can be done via password, authentication server, or smartcard. For each file, the user opens the file and reads the for the file; file system caching may be transparently used for this operation as for any other. The appropriate field of the is then decrypted the to obtain the symmetric encryption for the file. This is then used to encrypt the data before sending it to the server and after receiving it from the server SNAD Scheme 1. The first SNAD scheme provides security on each block of data similar to that provided by some cryptographic electronic mail security schemes. Writes in this scheme encrypt each data block, compute a hash over the entire data (including the metadata), and sign the hash using the user s private. This hash can then be verified by anyone with the user s public. In particular, the disk can recompute the hash and compare it against the hash signed by the user who sent the block. If they match, the disk successfully verifies the provided signature, and the user has the permission to write the file, the SNAD server writes the block to disk. Reads in this scheme require no operations by the SNAD server CPU, but do require that the client CPU check the hash and signature just as the SNAD server did on a write. Table 1 summarizes the operations that must be done for each read and write request. This scheme requires relatively expensive signature and verification operations for each disk request; in particular, the CPU on the server must perform a slow signature verification for each block write. Because this CPU is likely to be slow, the verification will reduce write performance. 38

6 Table 1. Operations necessary for Scheme 1. Operation Read Write Host NAS Host NAS En/Decrypt Hash Signature Verification SNAD Scheme 2. Scheme 2 replaces the SNAD server s verification with an HMAC. In this scheme, the client performs a cryptographic hash on the block and signs it. However, this signature is only verified by the client when it reads a block. The client also calculates an HMAC on the secure data using the shared secret HMAC and sends it to the SNAD server. The SNAD server computes an HMAC using the shared secret from the certificate and checks it against the HMAC received from the client. Recalculating the entire hash including the HMAC would be time-consuming; instead, the client simply performs an HMAC over the hash. The replacement of a signature verification by an HMAC reduces the load on the SNAD disk CPU, but does not reduce the load on the client CPU, which still must perform signatures on writes and verifications on reads. Table 2 shows the operations that the client and server perform for SDO reads and writes. Table 2. Operations necessary for Scheme 2. Operation Read Write Client NAS Client NAS En/Decrypt Hash Signature Verification SNAD Scheme 3. The third scheme eliminates the signed hash of Scheme 2, and uses only the edhash (HMAC) to authenticate a writer of a data block and verify the block s integrity. HMACs differ from signed hashes in that a user able to verify a ed-hash is also able to create it. Scheme 3 still uses public- authentication for s because writing s, while slower with public- controls, is very infrequent. Write operations in this scheme require the client to encrypt the SDO and calculate an HMAC over the ciphertext. This information is then sent to the disk, which authenticates the sender by recomputing the HMAC using the shared secret from the certificate. If the write is authentic and the user has the permissions to modify or create the SDO, the SNAD disk commits the write to disk, updating structures as necessary. Note that the disk does not store the HMAC because it must recalculate a new HMAC if the reader is a different user from the user who wrote the SDO. Unlike the previous two schemes, this scheme requires the SNAD disk to perform a cryptographic operation on a read: the disk must calculate a new HMAC using the from the user requesting the data. The data, along with the new HMAC, is then sent to the client requesting the data. If the disk were forced to write blocks without the proper encryption, a client could detect this during a read by checking the non-linear checksum against the decrypted data. The operations performed by the client and SNAD disk are summarized in Table 3. Note that this scheme requires no signature generation or verification operations; however, the SNAD disk must now compute an HMAC on both reads and writes. Table 3. Operations necessary for Scheme 3. Operation 4. Preliminary Results We implemented all three security schemes in a block-oriented client and server, and tested their speed against that of a similar system without encryption. The results are shown in Figure 5. As expected, Scheme 3 performs the best on both reads and writes, 15% 20% slower than unprotected operations. Schemes 1 and 2 are comparable in performance, but are considerably slower than Scheme 3 because of the need to generate and check signatures. 5. Future Work Read Write Client NAS Client NAS En/Decrypt Hash Signature Verification There is still much work to do on cryptographically secure file systems, particularly with actual implementations. We are investigating the actual performance of a file system using the security described in this paper. Issues such as revocation and general security infrastructure also need to be explored further. Another area that we are currently investigating is the scalability of the different security schemes. Schemes 1 and 2 are slow because the clients must generate a signature. With one client and one server, this 39

7 Read bandwidth (MB/s) Write bandwidth (MB/s) Base Sch 2 2 Sch 1 Sch Block size (KB) 8 6 Base Sch Sch 1 Sch Block size (KB) Figure 5. SNAD performance on sequential accesses. reduces performance. However, with many relatively low-bandwidth clients, the overhead of generating signatures is distributed to many machines. In such a system, even a relatively slow CPU on a SNAD server can handle several clients simultaneously. 6. Conclusions We presented the details of the Secure Network Attached Disk system, showing that cryptographic security is possible for distributed file systems and network-attached storage. This type of system is feasible with today s computing power, and will become even more attractive as processors become faster. This security mechanism for distributed file systems solves many of the performance and security problems in existing systems today. This system provides user data confidentiality and integrity from the moment it leaves the client computer. The distributed disks should perform substantially better than centralized file servers, and provide better reliability. Having the security functionality decentralized will improve performance and scalability. Distributed security also removes the single point of failure that plagues many proposed centralized security schemes to date. Integrating SNAD and schemes like it into modern distributed file systems is essential. Such integration can cost relatively little in performance but provides tremendous advantages in security. Given the hostile environment on the Internet, distributed file systems can no longer afford to be without strong security. References [1] T. Anderson, M. Dahlin, J. Neefe, D. Patterson, D. Roselli, and R. Wang, Serverless Network File Systems, ACM Transactions on Computer Systems, Feb. 1996, pages [2] M. Blaze, A Cryptographic File System for Unix, Proceedings of the First ACM Conference on Computer and Communication Security, Nov. 1993, pages [3] M. Blaze, Key Management in an Encrypting File System, Proceedings of the Summer 1994 USENIX Conference, [4] W. Freeman, Decentralized Security for Network Attached Storage, Ph.D. thesis, University of Maryland Baltimore County, April [5] W. Freeman and E. Miller, An Experimental Analysis of Cryptographic Overhead in Performance-Critical Systems, Proceedings of the 7th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS 99), College Park, MD, October 1999, pages [6] K. Fu, M. F. Kaashoek, and D. Mazieres, Fast and secure distributed read-only file system, 4th Symposium on Operating Systems Design and Implementation (San Diego, CA), October 2000, pages [7] G. Gibson, et al., A cost-effective, high-bandwidth storage architecture, Proceedings of the 8th International Conference on Architectural Support for Programming Languages and Operating Systems (San Jose, CA), October 1998, pages [8] H. Gobioff, Security for a High Performance Commodity Storage Subsystem, Ph.D. thesis, Computer Science Department, Carnegie Mellon University, July Available as Technical Report CMU-CS [9] J. Howard, et al., Scale and Performance in a Distributed File System, ACM Transactions on Computer Systems 6(1), February 1988, pages [10] H. Krawczyk, M. Bellare, and R. Canetti, HMAC: Keyed-Hashing for Message Authentication, IETF Network Working Group RFC2104, February [11] B. Neuman and T. Ts o, Kerberos: An Authentication Service for Computer Networks, IEEE Communications Magazine 32(9), September 1994, pages [12] B. Reed, E. Chron, R. Burns, and D. Long, Authenticating Network Attached Storage, IEEE Micro, 20(1)January 2000, pages [13] J. Reid, Plugging the Holes on Host-Based Authentication, Computers and Security, 1996, pages [14] B. Schneier, Applied Cryptography, Wiley (New York), [15] M. J. Wiener, Performance Comparison of Public-Key Cryptosystems, RSA CryptoBytes, 4(1), Summer

Proceedings of the FAST 2002 Conference on File and Storage Technologies

Proceedings of the FAST 2002 Conference on File and Storage Technologies USENIX Association Proceedings of the FAST 2002 Conference on File and Storage Technologies Monterey, California, USA January 28-30, 2002 THE ADVANCED COMPUTING SYSTEMS ASSOCIATION 2002 by The USENIX Association

More information

Design for a Decentralized Security System for Network Attached Storage

Design for a Decentralized Security System for Network Attached Storage Design for a Decentralized Security System for Network Attached Storage William Freeman Lab for Telecommunication Sciences 3000 Some Street Adelphi, MD 20000 +1 301 123-4567 wef@lts.ncsc.mil Ethan Miller

More information

Authenticating Network Attached Storage

Authenticating Network Attached Storage Authenticating Network Attached Storage Benjamin C. Reed, Edward G. Chron, Darrell D. E. Long, y Randal C. Burns Department of Computer Science IBM Almaden Research Center Abstract We present an architecture

More information

Security in Storage and File Systems. Rajeev Thakur Argonne National Laboratory

Security in Storage and File Systems. Rajeev Thakur Argonne National Laboratory Security in Storage and File Systems Rajeev Thakur Argonne National Laboratory Nice Survey Papers Securing Data in Storage: A Review of Current Research Paul Stanton, UIUC http://arxiv.org/ftp/cs/papers/0409/0409034.pdf

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Security in Storage Networks A Current Perspective

Security in Storage Networks A Current Perspective Security in Storage Networks A Current Perspective Christian Cachin ZISC Colloquium www.zurich.ibm.com Overview Networked storage systems NAS, SAN, OBS Design options for security

More information

AUTHENTICATING NETWORK-ATTACHED STORAGE

AUTHENTICATING NETWORK-ATTACHED STORAGE AUTHENTICATING NETWORK-ATTACHED STORAGE WE PRESENT AN ARCHITECTURE FOR NETWORK-AUTHENTICATED DISKS THAT IMPLEMENTS DISTRIBUTED FILE SYSTEMS WITHOUT FILE SERVERS OR ENCRYPTION. OUR SYSTEM PROVIDES NETWORK

More information

Intra-file Security for a Distributed File System

Intra-file Security for a Distributed File System Proceedings of the 10th Goddard Conference on Mass Storage Systems and Technologies, in cooperation with the 19th IEEE Symposium on Mass Storage Systems, College Park, MD, April 2002, pages 153 163. Intra-file

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Encrypt-FS: A Versatile Cryptographic File System for Linux

Encrypt-FS: A Versatile Cryptographic File System for Linux Encrypt-FS: A Versatile Cryptographic File System for Linux Abstract Recently, personal sensitive information faces the possibility of unauthorized access or loss of storage devices. Cryptographic technique

More information

Kerberos. Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530 520 BC. From Italy (?).

Kerberos. Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530 520 BC. From Italy (?). Kerberos Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530 520 BC. From Italy (?). 1 Kerberos Kerberos is an authentication protocol and a software suite implementing this

More information

Authentication Application

Authentication Application Authentication Application KERBEROS In an open distributed environment servers to be able to restrict access to authorized users to be able to authenticate requests for service a workstation cannot be

More information

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

KERBEROS. Kerberos Authentication Service

KERBEROS. Kerberos Authentication Service KERBEROS 1 Kerberos Authentication Service Developed at MIT under Project Athena in mid 1980s Versions 1-3 were for internal use; versions 4 and 5 are being used externally Version 4 has a larger installed

More information

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

More information

SSL A discussion of the Secure Socket Layer

SSL A discussion of the Secure Socket Layer www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

Chapter 7 Transport-Level Security

Chapter 7 Transport-Level Security Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell

More information

SNARE: A Strong Security Scheme for Network-Attached Storage

SNARE: A Strong Security Scheme for Network-Attached Storage SNARE: A Strong Security Scheme for Network-Attached Storage Yingwu Zhu Department of ECECS University of Cincinnati Cincinnati, OH 45221, USA zhuy@ececs.uc.edu Yiming Hu Department of ECECS University

More information

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

More information

Authentication Applications

Authentication Applications Authentication Applications will consider authentication functions developed to support application-level authentication & digital signatures will consider Kerberos a private-key authentication service

More information

Kerberos: An Authentication Service for Computer Networks by Clifford Neuman and Theodore Ts o. Presented by: Smitha Sundareswaran Chi Tsong Su

Kerberos: An Authentication Service for Computer Networks by Clifford Neuman and Theodore Ts o. Presented by: Smitha Sundareswaran Chi Tsong Su Kerberos: An Authentication Service for Computer Networks by Clifford Neuman and Theodore Ts o Presented by: Smitha Sundareswaran Chi Tsong Su Introduction Kerberos: An authentication protocol based on

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

An Introduction to Cryptography and Digital Signatures

An Introduction to Cryptography and Digital Signatures An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through

More information

SYSTEM MODEL KERBEROS OBJECTIVES PHYSICAL SECURITY TRUST: CONSOLIDATED KERBEROS MODEL TRUST: BILATERAL RHOSTS MODEL

SYSTEM MODEL KERBEROS OBJECTIVES PHYSICAL SECURITY TRUST: CONSOLIDATED KERBEROS MODEL TRUST: BILATERAL RHOSTS MODEL INFS 766 Internet Security Protocols Lecture 9 WORK- STATIONS SYSTEM MODEL NETWORK SERVERS NFS GOPHER Prof. Ravi Sandhu LIBRARY KERBEROS 2 PHYSICAL SECURITY KERBEROS OBJECTIVES CLIENT WORKSTATIONS None,

More information

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1 Chapter 4 Authentication Applications COSC 490 Network Security Annie Lu 1 OUTLINE Kerberos X.509 Authentication Service COSC 490 Network Security Annie Lu 2 Authentication Applications authentication

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of

More information

File System Encryption with Integrated User Management

File System Encryption with Integrated User Management File System Encryption with Integrated User Management Stefan Ludwig Corporate Technology Siemens AG, Munich fsfs@stefan-ludwig.de Prof. Dr. Winfried Kalfa Operating Systems Group Chemnitz University of

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

More information

Secure data storage. André Zúquete Security 1

Secure data storage. André Zúquete Security 1 Secure data storage André Zúquete Security 1 Problems (1/3) ( The classical file system protection is limited Physical protection assumptions Physical confinement of storage devices Logical protection

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

SPINS: Security Protocols for Sensor Networks

SPINS: Security Protocols for Sensor Networks SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, and David Culler Department of Electrical Engineering & Computer Sciences, University of California

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

SENSE Security overview 2014

SENSE Security overview 2014 SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

Kerberos. Guilin Wang. School of Computer Science, University of Birmingham G.Wang@cs.bham.ac.uk

Kerberos. Guilin Wang. School of Computer Science, University of Birmingham G.Wang@cs.bham.ac.uk Kerberos Guilin Wang School of Computer Science, University of Birmingham G.Wang@cs.bham.ac.uk 1 Entity Authentication and Key Exchange In the last talk, we discussed key exchange and reviewed some concrete

More information

Hooks could have been left around for the imposter to regain control. A.Arpaci-Dusseau. Remove all files from disk and reinstall all software

Hooks could have been left around for the imposter to regain control. A.Arpaci-Dusseau. Remove all files from disk and reinstall all software UNIVERSITY of WISCONSIN-MADISON Computer Sciences Department CS 537 A. Arpaci-Dusseau Intro to Operating Systems Spring 2000 Security Solutions and Encryption Questions answered in these notes: How does

More information

Chapter 15 User Authentication

Chapter 15 User Authentication Chapter 15 User Authentication 2015. 04. 06 Jae Woong Joo SeoulTech (woong07@seoultech.ac.kr) Table of Contents 15.1 Remote User-Authentication Principles 15.2 Remote User-Authentication Using Symmetric

More information

ERserver. iseries. Secure Sockets Layer (SSL)

ERserver. iseries. Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted

More information

The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

Strengthen RFID Tags Security Using New Data Structure

Strengthen RFID Tags Security Using New Data Structure International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

More information

Chapter 16: Authentication in Distributed System

Chapter 16: Authentication in Distributed System Chapter 16: Authentication in Distributed System Ajay Kshemkalyani and Mukesh Singhal Distributed Computing: Principles, Algorithms, and Systems Cambridge University Press A. Kshemkalyani and M. Singhal

More information

Message authentication and. digital signatures

Message authentication and. digital signatures Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation

More information

CS 161 Computer Security Spring 2010 Paxson/Wagner MT2

CS 161 Computer Security Spring 2010 Paxson/Wagner MT2 CS 161 Computer Security Spring 2010 Paxson/Wagner MT2 PRINT your name:, (last) SIGN your name: (first) PRINT your class account login: cs161- Your T s name: Your section time: Name of the person sitting

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

Introduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities

Introduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities TÜBİTAK Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü Introduction to Network Security (Revisit an Historical 12 year old Presentation) Prof. Dr. Halûk Gümüşkaya Why Security? Three primary reasons

More information

A Study on Secure Electronic Medical DB System in Hospital Environment

A Study on Secure Electronic Medical DB System in Hospital Environment A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133

More information

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems

More information

Securing Data at Rest ViSolve IT Security Team

Securing Data at Rest ViSolve IT Security Team Securing Data at Rest ViSolve IT Security Team 1 Table of Contents 1 Introduction... 3 2 Why Data at Rest needs to be secure?... 4 3 Securing Data... 4 3.1 Encryption - Access Control Approach... 5 3.1.1

More information

Chapter 6 Electronic Mail Security

Chapter 6 Electronic Mail Security Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,

More information

Cryptography & Digital Signatures

Cryptography & Digital Signatures Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

More information

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems

More information

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/ Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

More information

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Architecture of the Secure File System

Architecture of the Secure File System Architecture of the Secure File System James P. Hughes Storage Technology Corporation jim@network.com Christopher J. Feist Storage Technology Corporation chris.feist@network.com October 23, 2000 Abstract

More information

Cryptography and Network Security Digital Signature

Cryptography and Network Security Digital Signature Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication

More information

Data Storage Security in Cloud Computing

Data Storage Security in Cloud Computing Data Storage Security in Cloud Computing Prashant M. Patil Asst. Professor. ASM s, Institute of Management & Computer Studies (IMCOST), Thane (w), India E_mail: prashantpatil11@rediffmail.com ABSTRACT

More information

A Novel Way of Deduplication Approach for Cloud Backup Services Using Block Index Caching Technique

A Novel Way of Deduplication Approach for Cloud Backup Services Using Block Index Caching Technique A Novel Way of Deduplication Approach for Cloud Backup Services Using Block Index Caching Technique Jyoti Malhotra 1,Priya Ghyare 2 Associate Professor, Dept. of Information Technology, MIT College of

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

Cryptography and Network Security Chapter 15

Cryptography and Network Security Chapter 15 Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security

More information

OPENID AUTHENTICATION SECURITY

OPENID AUTHENTICATION SECURITY OPENID AUTHENTICATION SECURITY Erik Lagercrantz and Patrik Sternudd Uppsala, May 17 2009 1 ABSTRACT This documents gives an introduction to OpenID, which is a system for centralised online authentication.

More information

Three attacks in SSL protocol and their solutions

Three attacks in SSL protocol and their solutions Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer

More information

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

More information

Authentication Types. Password-based Authentication. Off-Line Password Guessing

Authentication Types. Password-based Authentication. Off-Line Password Guessing Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:

More information

An Overview of Communication Manager Transport and Storage Encryption Algorithms

An Overview of Communication Manager Transport and Storage Encryption Algorithms An Overview of Communication Manager Transport and Storage Encryption Algorithms Abstract The following paper provides a description of the standard algorithms that are implemented within Avaya Communication

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Module 8. Network Security. Version 2 CSE IIT, Kharagpur Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication

More information

Secure Streaming Media and Digital Rights Management

Secure Streaming Media and Digital Rights Management Secure Streaming Media and Digital Rights Management Deepali Holankar Department of Computer Science San Jose State University San Jose, CA 95192 dbrahmbhatt@pacbell.net Mark Stamp Department of Computer

More information

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

Key Management for Secure Power SCADA

Key Management for Secure Power SCADA Dartmouth Computer Science Technical Report TR2008-628 Key Management for Secure Power SCADA Manya Sleeper manya.k.sleeper@alum.dartmouth.org Senior Honors Thesis June 2008 This research was sponsored

More information

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1 EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

More information

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution. Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution. 1 Opening quote. 2 The topics of cryptographic key management

More information

Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card

Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card Application of Automatic Variable Password Technique in Das s Remote System Authentication Scheme Using Smart Card C. Koner, Member, IACSIT, C. T. Bhunia, Sr. Member, IEEE and U. Maulik, Sr. Member, IEEE

More information

Secure cloud access system using JAR ABSTRACT:

Secure cloud access system using JAR ABSTRACT: Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that

More information

Guide to Data Field Encryption

Guide to Data Field Encryption Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations

More information

A Standards-based Approach to IP Protection for HDLs

A Standards-based Approach to IP Protection for HDLs A Standards-based Approach to IP Protection for HDLs John Shields Staff Engineer, Modelsim Overview Introduction A Brief Status First Look at The Flow Encryption Technology Concepts Key Management Second

More information

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn. CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

More information

As enterprises conduct more and more

As enterprises conduct more and more Efficiently handling SSL transactions is one cornerstone of your IT security infrastructure. Do you know how the protocol actually works? Wesley Chou Inside SSL: The Secure Sockets Layer Protocol Inside

More information

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference

More information

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application

More information

An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric

More information

Capture Resilient ElGamal Signature Protocols

Capture Resilient ElGamal Signature Protocols Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department

More information